[129339] in North American Network Operators' Group
Re: just seen my first IPv6 network abuse scan, is this the start
daemon@ATHENA.MIT.EDU (Matthias Flittner)
Fri Sep 3 07:43:40 2010
Date: Fri, 03 Sep 2010 13:43:20 +0200
From: Matthias Flittner <matthias.flittner@de-cix.net>
To: nanog@nanog.org
In-Reply-To: <AANLkTimrj7ZqcE2dq1wbgJbokFyWbbG=FY08_n9S2T5D@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigE24AAF96CBDE3A5B8DA600ED
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Hi,
> Since recently we noticed "Neighbour table overflow" warnings from
> the kernel on a lot of Linux machines. As this was very annoying for
> us and our customers I started to dump traffic and tried to find the
> cause.
sounds for me as an typicall IPv6 DoS attack. (see RFC3756)
Sheng Jiang has discussed this issue in his draft:
http://tools.ietf.org/html/draft-jiang-v6ops-nc-protection-01
regards,
-F
--------------enigE24AAF96CBDE3A5B8DA600ED
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJMgN9bAAoJEIZn8Rym6s4ACR4H/Ali/XoQBBPdAhNvpqDH9HPr
QGk82R//00GYCMggtpXEbgsg9CVAfaQDxaRv81T6e5E3XzxAQbGelzBm733PnwXX
HqMXsoVbBVdbQ6TIw2qwq25JyNQV6OdiJtoEFqrQvm18TNi1uTeJqt7Emjvl3cC3
XdSP58VaV1rKbreqB7bRcmoXhXnM/Wbp+3spUMCIbzK7KW+5s8zqhgFzB3zqKjt5
EPWmbmHnVzjOo+lMjpzKKE4C2odh8ZilzeSU9laonHCLxyL2Cd5NvLiGQ+UioLfi
HWb2RyYKLFOGmRZ8Wk4CUDWkwGsvn71pjl2aOZ8bLtSMXoKPIyTtyAYdmPWztoQ=
=KZAb
-----END PGP SIGNATURE-----
--------------enigE24AAF96CBDE3A5B8DA600ED--
